firewall { group { address-group dns_servers { address "10.0.99.14" } address-group wan4_only_clients { address "10.0.50.21" } interface-group ALL_LAN { interface "br0.10" interface "br0.20" interface "br0.30" interface "br0.40" interface "br0.50" interface "br0.60" interface "br0.70" interface "br0.99" interface "br0.140" interface "br0.150" interface "br0.160" } interface-group LAB { interface "br0.140" interface "br0.150" interface "br0.160" } interface-group LAN { interface "br0.10" interface "br0.20" interface "br0.30" interface "br0.40" interface "br0.50" interface "br0.60" interface "br0.70" interface "br0.99" } interface-group WAN { interface "pppoe0" interface "eth1" interface "wg1" } ipv6-address-group dns_servers { address "2a0a:6040:4004:99::a1" } ipv6-network-group allowed_to_router { network "2a0a:6040:4004:10::/64" network "2a0a:6040:4004:99::/64" } ipv6-network-group bad_ipv6 { network "::/128" network "::1/128" network "fec0::/10" network "::/96" network "100::/64" network "2001:db8::/32" network "2001:10::/28" network "3ffe::/16" network "::/104" network "2001::/23" } ipv6-network-group no_forward_ipv6 { network "fe80::/10" network "ff00::/8" } mac-group ZEONET_MACS { mac-address "b4:8a:5f:24:3f:c1" mac-address "30:fd:65:29:ca:c8" mac-address "66:75:63:6b:20:77" mac-address "66:75:63:6b:20:76" mac-address "66:75:63:6b:20:75" } network-group allowed_to_router { network "10.0.99.0/24" network "10.0.10.0/24" network "10.1.10.0/24" } network-group external_lan { description "External LAN containing WAN1 modem and WAN2 modem" network "192.168.1.1/32" network "192.168.8.1/32" } network-group not_in_internet { network "0.0.0.0/8" network "172.16.0.0/12" network "192.168.0.0/16" network "10.0.0.0/8" network "169.254.0.0/16" network "127.0.0.0/8" network "224.0.0.0/4" network "198.18.0.0/15" network "192.0.0.0/24" network "192.0.2.0/24" network "198.51.100.0/24" network "203.0.113.0/24" network "100.64.0.0/10" network "240.0.0.0/4" network "192.88.99.0/24" network "255.255.255.255/32" } network-group personal_vpn { network "10.1.10.0/24" network "10.1.20.0/24" network "10.1.30.0/24" network "10.1.40.0/24" network "10.1.1.0/24" } network-group vlan_10 { network "10.0.10.0/24" network "10.1.10.0/24" } network-group vlan_20 { network "10.0.20.0/24" network "10.1.20.0/24" } network-group vlan_30 { network "10.0.30.0/24" network "10.1.30.0/24" } network-group vlan_40 { network "10.0.40.0/24" network "10.1.40.0/24" } network-group web_traffic_allowlist { network "0.0.0.0/0" } port-group DNS_PORTS { port "53" port "853" } port-group WIREGUARD_PORTS { port "51820" port "51821" port "51377" } } ipv4 { forward { filter { default-action "drop" rule 3 { action "accept" description "Accept established,related" state { established "enable" related "enable" } } rule 4 { action "accept" description "Allow ICMP to DNS server" destination { group { address-group "dns_servers" } } inbound-interface { interface-group "ALL_LAN" } protocol "icmp" } rule 5 { action "accept" description "Allow LAN interfaces to reach DNS servers" destination { group { address-group "dns_servers" port-group "DNS_PORTS" } } inbound-interface { interface-group "ALL_LAN" } protocol "tcp_udp" } rule 6 { action "drop" description "Drop invalid" state { invalid "enable" } } rule 7 { action "accept" description "Allow access to WAN2 modem" destination { address "192.168.8.1/32" } inbound-interface { interface-group "ALL_LAN" } outbound-interface { interface-name "eth1" } } rule 8 { action "drop" description "Drop traffic to non public networks to WAN" destination { group { network-group "not_in_internet" } } inbound-interface { interface-group "ALL_LAN" } outbound-interface { interface-group "WAN" } } rule 9 { action "drop" description "Drop rfc1918 traffic from WAN" inbound-interface { interface-group "WAN" } source { group { network-group "not_in_internet" } } } rule 10 { action "accept" description "Allow incoming traffic from personal vpn to external lan" destination { group { network-group "external_lan" } } inbound-interface { interface-name "wg0" } } rule 11 { action "jump" jump-target "VLAN_10" source { group { network-group "vlan_10" } } } rule 12 { action "jump" jump-target "VLAN_20" source { group { network-group "vlan_20" } } } rule 13 { action "jump" jump-target "VLAN_30" source { group { network-group "vlan_30" } } } rule 14 { action "jump" jump-target "VLAN_40" source { group { network-group "vlan_40" } } } rule 15 { action "jump" inbound-interface { interface-name "br0.50" } jump-target "VLAN_50" } rule 16 { action "jump" inbound-interface { interface-name "br0.60" } jump-target "VLAN_60" } rule 17 { action "jump" inbound-interface { interface-name "br0.70" } jump-target "VLAN_70" } rule 18 { action "jump" inbound-interface { interface-name "br0.99" } jump-target "VLAN_99" } rule 19 { action "jump" inbound-interface { interface-name "br0.140" } jump-target "VLAN_140" } rule 20 { action "jump" inbound-interface { interface-name "br0.150" } jump-target "VLAN_150" } rule 21 { action "jump" inbound-interface { interface-name "br0.160" } jump-target "VLAN_160" } rule 22 { action "jump" description "personal-vpn rules" jump-target "PERSONAL_VPN" source { group { network-group "personal_vpn" } } } } } input { filter { default-action "drop" rule 1 { action "accept" state { established "enable" related "enable" } } rule 2 { action "accept" destination { group { port-group "WIREGUARD_PORTS" } } protocol "udp" } rule 3 { action "accept" protocol "icmp" } rule 4 { action "accept" description "Allow incoming DHCPv4 traffic from eth1" inbound-interface { interface-name "eth1" } protocol "udp" source { port "67" } } rule 5 { action "accept" description "Allow access to router" source { group { network-group "allowed_to_router" } } } rule 6 { action "drop" description "Drop all not coming from LAN" inbound-interface { interface-group "WAN" } } rule 7 { action "accept" description "Allow DHCPv4 traffic from LAN interfaces" destination { port "67" } inbound-interface { interface-group "ALL_LAN" } protocol "udp" source { port "68" } } rule 8 { action "accept" description "Allow LAN interfaces to reach DNS(udp/53)" destination { port "53" } inbound-interface { interface-group "ALL_LAN" } protocol "tcp_udp" } rule 9 { action "accept" description "Accept NTP from LAN" destination { port "123" } inbound-interface { interface-group "ALL_LAN" } protocol "udp" } rule 10 { action "drop" description "Drop Invalid" state { invalid "enable" } } rule 11 { action "accept" inbound-interface { interface-name "wg0" } source { group { network-group "personal_vpn" } } } rule 12 { action "reject" inbound-interface { interface-name "wg0" } } } } name ICMP_CHAIN { default-action "drop" description "Chain to handle ICMP traffic" rule 1 { action "accept" description "echo reply" icmp { code "0" type "0" type-name "echo-reply" } } rule 2 { action "accept" description "net unreachable" icmp { code "0" type "3" } } rule 3 { action "accept" description "host unreachable" icmp { code "1" type "3" } } rule 4 { action "accept" description "allow time exceeded" icmp { code "0" type "11" } } rule 5 { action "accept" description "host unreachable fragmentation required" icmp { code "4" type "11" } } rule 6 { action "accept" description "allow echo request" icmp { code "0" type "8" } } rule 7 { action "accept" description "allow parameter problem" icmp { code "0" type "12" } } } name PERSONAL_VPN { default-action "drop" rule 1 { action "accept" description "Allow traffic from Vultr Node" } } name VLAN_10 { default-action "reject" rule 1 { action "accept" description "Allow WAN access" outbound-interface { interface-group "WAN" } } rule 2 { action "accept" description "Allow VPN access" outbound-interface { interface-name "wg0" } } rule 3 { action "accept" description "Allow intra vlan access" destination { group { network-group "vlan_10" } } } rule 4 { action "accept" description "Allow talking to VLAN_50" outbound-interface { interface-name "br0.50" } } rule 5 { action "accept" description "Allow talking to VLAN_70" outbound-interface { interface-name "br0.70" } } rule 6 { action "accept" description "Allow talking to VLAN_99" outbound-interface { interface-name "br0.99" } } rule 7 { action "accept" description "Allow access to external lan" destination { group { network-group "external_lan" } } } rule 8 { action "jump" jump-target "ICMP_CHAIN" protocol "icmp" } } name VLAN_20 { default-action "drop" rule 1 { action "accept" description "Allow WAN access" outbound-interface { interface-group "WAN" } } rule 2 { action "accept" description "Allow intra vlan access" destination { group { network-group "vlan_20" } } } rule 3 { action "accept" description "Allow talking to VLAN_50" outbound-interface { interface-name "br0.50" } } rule 4 { action "accept" description "Allow talking to VLAN_70" outbound-interface { interface-name "br0.70" } } rule 5 { action "accept" description "Allow access to VLAN_30" destination { group { network-group "vlan_30" } } } rule 6 { action "jump" jump-target "ICMP_CHAIN" protocol "icmp" } } name VLAN_30 { default-action "drop" rule 1 { action "accept" description "Allow WAN access" outbound-interface { interface-group "WAN" } } rule 2 { action "accept" description "Allow intra vlan access" destination { group { network-group "vlan_30" } } } rule 3 { action "accept" description "Allow talking to VLAN_50" outbound-interface { interface-name "br0.50" } } rule 4 { action "accept" description "Allow talking to VLAN_70" outbound-interface { interface-name "br0.70" } } rule 5 { action "accept" description "Allow access to VLAN_20" destination { group { network-group "vlan_20" } } } rule 6 { action "jump" jump-target "ICMP_CHAIN" protocol "icmp" } } name VLAN_40 { default-action "drop" rule 1 { action "accept" description "Allow WAN access" outbound-interface { interface-group "WAN" } } rule 2 { action "accept" description "Allow intra vlan access" destination { group { network-group "vlan_40" } } } rule 3 { action "accept" description "Allow talking to VLAN_50" outbound-interface { interface-name "br0.50" } } rule 4 { action "accept" description "Allow talking to VLAN_70" outbound-interface { interface-name "br0.70" } } rule 5 { action "jump" jump-target "ICMP_CHAIN" protocol "icmp" } } name VLAN_50 { default-action "drop" rule 1 { action "accept" description "Allow WAN access" outbound-interface { interface-group "WAN" } } rule 2 { action "accept" description "Allow VPN access" outbound-interface { interface-name "wg0" } } rule 3 { action "accept" description "Allow access to VLAN_10" destination { group { network-group "vlan_10" } } } rule 4 { action "jump" jump-target "ICMP_CHAIN" protocol "icmp" } } name VLAN_60 { default-action "drop" rule 1 { action "accept" description "Allow WAN access" outbound-interface { interface-group "WAN" } } rule 2 { action "jump" jump-target "ICMP_CHAIN" protocol "icmp" } } name VLAN_70 { default-action "drop" rule 1 { action "accept" description "Allow intra vlan access" outbound-interface { interface-name "br0.70" } } } name VLAN_99 { default-action "drop" rule 1 { action "accept" description "Allow WAN access" outbound-interface { interface-group "WAN" } } rule 2 { action "accept" description "Allow VPN access" outbound-interface { interface-name "wg0" } } rule 3 { action "accept" description "Allow intra vlan access" outbound-interface { interface-name "br0.99" } } rule 4 { action "accept" description "Allow talking to VLAN_50" outbound-interface { interface-name "br0.50" } } rule 5 { action "accept" description "Allow talking to VLAN_70" outbound-interface { interface-name "br0.70" } } rule 6 { action "accept" description "Allow access to external lan" destination { group { network-group "external_lan" } } } rule 7 { action "jump" jump-target "ICMP_CHAIN" protocol "icmp" } } name VLAN_140 { default-action "drop" rule 1 { action "accept" description "Allow WAN access" outbound-interface { interface-group "WAN" } } rule 2 { action "accept" description "Allow intra vlan access" outbound-interface { interface-name "br0.140" } } rule 3 { action "jump" jump-target "ICMP_CHAIN" protocol "icmp" } } name VLAN_150 { default-action "drop" rule 1 { action "accept" description "Allow WAN access" outbound-interface { interface-group "WAN" } } rule 2 { action "accept" description "Allow intra vlan access" outbound-interface { interface-name "br0.150" } } rule 3 { action "jump" jump-target "ICMP_CHAIN" protocol "icmp" } } name VLAN_160 { default-action "reject" rule 1 { action "accept" description "Allow WAN access" outbound-interface { interface-group "WAN" } } rule 2 { action "accept" description "Allow intra vlan access" outbound-interface { interface-name "br0.160" } } rule 3 { action "jump" jump-target "ICMP_CHAIN" protocol "icmp" } } } } interfaces { bridge br0 { description "bridge" enable-vlan member { interface eth2 { allowed-vlan "10" allowed-vlan "20" allowed-vlan "30" allowed-vlan "40" allowed-vlan "50" allowed-vlan "60" allowed-vlan "99" allowed-vlan "70" allowed-vlan "140" allowed-vlan "150" allowed-vlan "160" } interface eth3 { allowed-vlan "10" allowed-vlan "20" allowed-vlan "30" allowed-vlan "40" allowed-vlan "50" allowed-vlan "60" allowed-vlan "99" allowed-vlan "70" allowed-vlan "140" allowed-vlan "150" allowed-vlan "160" } interface eth4 { allowed-vlan "10" allowed-vlan "20" allowed-vlan "30" allowed-vlan "40" allowed-vlan "50" allowed-vlan "60" allowed-vlan "99" allowed-vlan "70" allowed-vlan "140" allowed-vlan "150" allowed-vlan "160" } interface eth5 { allowed-vlan "10" allowed-vlan "20" allowed-vlan "30" allowed-vlan "40" allowed-vlan "50" allowed-vlan "60" allowed-vlan "99" allowed-vlan "70" allowed-vlan "140" allowed-vlan "150" allowed-vlan "160" } } vif 10 { address "10.0.10.1/24" description "ishan" } vif 20 { address "10.0.20.1/24" description "pranjal" } vif 30 { address "10.0.30.1/24" description "akshat" } vif 40 { address "10.0.40.1/24" description "priyam" } vif 50 { address "10.0.50.1/24" description "lab" } vif 60 { address "10.0.60.1/24" description "guest" } vif 70 { address "10.0.70.1/24" description "lab-no-internet" } vif 99 { address "10.0.99.1/24" description "mgmt" } vif 140 { address "10.0.140.1/24" description "ipv6 only" } vif 150 { address "10.0.150.1/24" description "wan1 only" } vif 160 { address "10.0.160.1/24" description "wan2 only" } } ethernet eth0 { address "192.168.1.2/24" description "EXT-WAN1" hw-id "a8:b8:e0:00:4a:d7" mac "66:75:63:6B:20:77" } ethernet eth1 { address "dhcp" dhcp-options { default-route-distance "2" } hw-id "a8:b8:e0:00:4a:d8" } ethernet eth2 { hw-id "a8:b8:e0:00:4a:d9" } ethernet eth3 { hw-id "a8:b8:e0:00:4a:da" } ethernet eth4 { hw-id "a8:b8:e0:00:4a:db" } ethernet eth5 { hw-id "a8:b8:e0:00:4a:dc" } input ifb0 { } loopback lo { } pppoe pppoe0 { authentication { } default-route-distance "1" description "Zeonet" ip { adjust-mss "clamp-mss-to-pmtu" } no-peer-dns source-interface "eth0" } wireguard wg0 { address "10.1.1.2/24" address "10.1.10.1/24" address "10.1.20.1/24" address "10.1.30.1/24" address "10.1.40.1/24" description "personal-vpn" mtu "1432" port "51820" } wireguard wg1 { address "10.28.246.107/32" mtu "1432" port "51821" } } load-balancing { wan { enable-local-traffic flush-connections interface-health eth1 { nexthop "100.0.0.1" test 1 { resp-time "2" target "1.0.0.1" ttl-limit "64" type "ping" } } interface-health pppoe0 { nexthop "100.64.0.1" test 1 { resp-time "2" target "1.0.0.1" ttl-limit "64" type "ping" } } rule 1 { description "Exclude LAN traffic" destination { address "10.0.0.0/8" } exclude inbound-interface "br0+" protocol "all" source { address "0.0.0.0/0" } } rule 2 { description "Exclude traffic to 5g modem" destination { address "192.168.8.0/24" } exclude inbound-interface "br0+" protocol "all" source { address "0.0.0.0/0" } } rule 3 { description "Exclude Fiber Modem traffic" destination { address "192.168.1.0/24" } exclude inbound-interface "br0+" protocol "all" source { address "0.0.0.0/0" } } rule 4 { description "WAN1_ONLY" exclude inbound-interface "br0.150" protocol "all" source { address "0.0.0.0/0" } } rule 5 { description "WAN2_ONLY" exclude inbound-interface "br0.160" protocol "all" source { address "0.0.0.0/0" } } rule 6 { description "WAN1_WAN2_FAILOVER" failover inbound-interface "br0+" interface eth1 { weight "1" } interface pppoe0 { weight "2" } protocol "all" source { address "0.0.0.0/0" } } } } nat { destination { rule 1 { destination { group { address-group "!dns_servers" } port "53" } disable protocol "tcp_udp" source { group { address-group "!dns_servers" } } translation { address "10.0.99.14" port "53" } } rule 2 { description "Caddy 443" destination { port "443" } inbound-interface "pppoe0" protocol "tcp_udp" source { group { network-group "web_traffic_allowlist" } } translation { address "10.0.50.3" port "443" } } rule 3 { description "Caddy 9001" destination { port "9001" } inbound-interface "pppoe0" protocol "tcp" source { group { network-group "web_traffic_allowlist" } } translation { address "10.0.50.3" port "9001" } } rule 4 { description "Caddy 80" destination { port "80" } inbound-interface "pppoe0" protocol "tcp" source { group { network-group "web_traffic_allowlist" } } translation { address "10.0.50.3" port "80" } } rule 5 { description "Pranjal transmission" destination { port "51413" } inbound-interface "pppoe0" protocol "tcp_udp" translation { address "10.0.20.5" port "51413" } } rule 6 { description "Ishan QBit" destination { port "51411" } inbound-interface "pppoe0" protocol "tcp_udp" translation { address "10.0.50.14" port "51411" } } } source { rule 1 { description "fiber wan" outbound-interface "pppoe0" translation { address "masquerade" } } rule 2 { description "lte/5g wan" outbound-interface "eth1" translation { address "masquerade" } } rule 3 { description "personal vpn" outbound-interface "wg0" translation { address "masquerade" } } rule 4 { description "external fiber lan" outbound-interface "eth0" translation { address "masquerade" } } rule 5 { description "pia vpn" outbound-interface "wg1" translation { address "masquerade" } } } } policy { route WAN3_CLIENTS { rule 1 { set { table "10" } source { group { address-group "wan4_only_clients" } } } } } protocols { static { route 0.0.0.0/0 { interface eth1 { distance "2" } interface pppoe0 { distance "1" } } route 192.168.8.0/24 { description "Path to WAN2 Modem" interface eth1 { distance "1" } } table 10 { route 0.0.0.0/0 { next-hop 10.28.128.1 { distance "1" interface "wg1" } } } } } qos { interface eth1 { egress "20MB_DOWNLOAD_RATE_CONTROL" } interface ifb0 { egress "20MB_DL_LIMIT" } policy { rate-control 20MB_DOWNLOAD_RATE_CONTROL { bandwidth "30mbit" burst "15k" } shaper 20MB_DL_LIMIT { bandwidth "30mbit" default { bandwidth "30mbit" burst "15k" } } } } service { dhcp-server { hostfile-update shared-network-name vlan10 { authoritative domain-name "home.arpa" domain-search "home.arpa" name-server "10.0.99.14" ntp-server "10.0.10.1" subnet 10.0.10.0/24 { default-router "10.0.10.1" lease "43200" name-server "10.0.99.14" range vlan10 { start "10.0.10.10" stop "10.0.10.50" } } } shared-network-name vlan20 { authoritative domain-name "home.arpa" domain-search "home.arpa" name-server "10.0.99.14" ntp-server "10.0.20.1" subnet 10.0.20.0/24 { default-router "10.0.20.1" lease "43200" range vlan20 { start "10.0.20.10" stop "10.0.20.50" } } } shared-network-name vlan30 { authoritative domain-name "home.arpa" domain-search "home.arpa" name-server "10.0.99.14" ntp-server "10.0.30.1" subnet 10.0.30.0/24 { default-router "10.0.30.1" lease "43200" range vlan30 { start "10.0.30.10" stop "10.0.30.50" } } } shared-network-name vlan40 { authoritative domain-name "home.arpa" domain-search "home.arpa" name-server "10.0.99.14" ntp-server "10.0.40.1" subnet 10.0.40.0/24 { default-router "10.0.40.1" lease "43200" range vlan40 { start "10.0.40.10" stop "10.0.40.50" } } } shared-network-name vlan50 { authoritative domain-name "home.arpa" domain-search "home.arpa" name-server "10.0.99.14" ntp-server "10.0.50.1" subnet 10.0.50.0/24 { default-router "10.0.50.1" lease "43200" range vlan50 { start "10.0.50.30" stop "10.0.50.50" } } } shared-network-name vlan60 { authoritative domain-name "home.arpa" domain-search "home.arpa" name-server "10.0.99.14" ntp-server "10.0.60.1" subnet 10.0.60.0/24 { default-router "10.0.60.1" lease "43200" range vlan60 { start "10.0.60.10" stop "10.0.60.50" } } } shared-network-name vlan70 { authoritative domain-name "home.arpa" domain-search "home.arpa" name-server "10.0.99.14" ntp-server "10.0.70.1" subnet 10.0.70.0/24 { default-router "10.0.70.1" lease "43200" range vlan70 { start "10.0.70.10" stop "10.0.70.50" } } } shared-network-name vlan99 { authoritative domain-name "home.arpa" domain-search "home.arpa" name-server "10.0.99.14" ntp-server "10.0.99.1" subnet 10.0.99.0/24 { default-router "10.0.99.1" lease "43200" range vlan99 { start "10.0.99.20" stop "10.0.99.50" } } } shared-network-name vlan150 { authoritative domain-name "home.arpa" domain-search "home.arpa" name-server "10.0.99.14" ntp-server "10.0.150.1" subnet 10.0.150.0/24 { default-router "10.0.150.1" lease "43200" range vlan150 { start "10.0.150.10" stop "10.0.150.50" } } } shared-network-name vlan160 { authoritative domain-name "home.arpa" domain-search "home.arpa" name-server "10.0.99.14" ntp-server "10.0.160.1" subnet 10.0.160.0/24 { default-router "10.0.160.1" lease "43200" range vlan160 { start "10.0.160.10" stop "10.0.160.50" } } } } dns { forwarding { allow-from "10.0.99.0/24" listen-address "10.0.99.1" port "5353" system } } monitoring { telegraf { influxdb { authentication { organization "homelab" } bucket "vyos" port "8086" url "http://10.0.50.8" } source "hardware-utilization" source "network" source "system" source "telegraf" } } ntp { allow-client { address "10.0.10.0/24" address "10.0.20.0/24" address "10.0.30.0/24" address "10.0.40.0/24" address "10.0.50.0/24" address "10.0.60.0/24" address "10.0.70.0/24" address "10.0.99.0/24" address "10.0.140.0/24" address "10.0.150.0/24" address "10.0.160.0/24" } listen-address "0.0.0.0" server 0.pool.ntp.org { } server 1.pool.ntp.org { } server 2.pool.ntp.org { } } router-advert { interface br0.10 { default-lifetime "1800" default-preference "high" hop-limit "64" interval { max "300" } link-mtu "1432" name-server "2a0a:6040:4004:99::a1" no-send-advert prefix 2a0a:6040:4004:10::/64 { deprecate-prefix preferred-lifetime "43200" valid-lifetime "86400" } } } ssh { listen-address "10.0.10.1" listen-address "10.0.99.1" port "22" } } system { config-management { commit-revisions "100" } conntrack { modules { ftp h323 nfs sip } } console { device ttyS0 { speed "115200" } } domain-name "home.arpa" host-name "router" login { user vyos { authentication { encrypted-password "$6$4cXK/4S.Xaaqrj1H$Q7vxbb1Hqkcg/VFiItprPcK4llXr1FstyF.AVFEqOSVmVH.srm1S8AR1M5dzquCPKp/aNt4nG38O.P/S8CY280" plaintext-password "" public-keys ishan { key "AAAAC3NzaC1lZDI1NTE5AAAAIAX88KLYCUWS1IKTGsgIRIHwGxTyfhsiRyAgtv65GEEm" type "ssh-ed25519" } } } } name-server "10.0.99.14" option { reboot-on-panic startup-beep } syslog { global { facility all { level "info" } facility local7 { level "debug" } } } time-zone "Asia/Kolkata" } // Warning: Do not remove the following line. // vyos-config-version: "bgp@4:broadcast-relay@1:cluster@1:config-management@1:conntrack@4:conntrack-sync@2:container@1:dhcp-relay@2:dhcp-server@6:dhcpv6-server@1:dns-dynamic@1:dns-forwarding@4:firewall@11:flow-accounting@1:https@4:ids@1:interfaces@30:ipoe-server@1:ipsec@12:isis@3:l2tp@4:lldp@1:mdns@1:monitoring@1:nat@5:nat66@1:ntp@3:openconnect@2:ospf@2:policy@6:pppoe-server@6:pptp@2:qos@2:quagga@11:rip@1:rpki@1:salt@1:snmp@3:ssh@2:sstp@4:system@26:vrf@3:vrrp@4:vyos-accel-ppp@2:wanloadbalance@3:webproxy@2" // Release version: 1.5-rolling-202310090023